> [1] John, should we contemplate taking this out and storing it in a> seperate place/file/db_table somewhere?

I can see benefits to this; especially for use in channel subscriptionmanagement. I'm toying with the idea of a "per-channel" secret, asopposed to a server secret, that could be used to automagicallydetermine which channels a given client is subscribed to based on thesysid. No idea how it would be implemented yet, though...

Anyone else on this list have thoughts on this idea? Keep in mind, thisis probably a 1.9 timeline idea...

> My apache server is running and apache can read the file.> > I'm still getting the "privacy error" from the client.> > Also, I'm now getting an error while running cadmin:> # cadmin> Error: db_dir or web_dir not found - perhaps this is an older config file?> > I did not get this error before, and I'm vitually sure all the paths are > correct. Has anyone seen this before?

>On Mon, 2003-04-21 at 17:30, Stephen Mah wrote:>> >>>Paul,>>>>thanks for the help. It works now, but when I run up2date... I get Fatal >>error retrieving privacy statement: internal server error.>>I made sure that I have the privacy_statement line in my >>/etc/current​/current.conf file. Do I have to -rerun anything?>>like cadmin create_apache_config>>>> >>>>create_apache_config is a one time thing.>>Have you restarted apache, and can apache read that config file?>> >

My apache server is running and apache can read the file.

I'm still getting the "privacy error" from the client.

Also, I'm now getting an error while running cadmin:# cadminError: db_dir or web_dir not found - perhaps this is an older config file?

I did not get this error before, and I'm vitually sure all the paths are correct. Has anyone seen this before?

> > Paul,> > thanks for the help. It works now, but when I run up2date... I get Fatal > error retrieving privacy statement: internal server error.> I made sure that I have the privacy_statement line in my > /etc/current/current.conf file. Do I have to -rerun anything?> like cadmin create_apache_config>

>>>Can you check if the certificate on the client authenticates properly.>>Check /etc/sysconfig/rhn/up2date and look for the sslCACert lines>>sslCACert[comment]=The location of the SSL CA certificate.>sslCACert=/usr/s​hare/rhn/RHNS-CA-CER​T>>Check the certificate is the one from the current server:>>openssl s_client -connect scoop:443 -CAfile /usr/share/rhn/RHNS-CA-CERT>>You are looking for Verify return code: 0 (ok)>>If the CA file does not match your server you will see >>Verify return code: 18 (self signed certificate)>>If this is the case you will need to copy /etc/current/RHNS-CA-CERT from>the current server to the client and put into your sslCACert location.>>If the above steps still leave you with an error we'll need to check if>apache is using the current generated key/crt >>Paul> >

Paul,

thanks for the help. It works now, but when I run up2date... I get Fatal error retrieving privacy statement: internal server error.I made sure that I have the privacy_statement line in my /etc/current/current.conf file. Do I have to -rerun anything?like cadmin create_apache_config

>I'm now getting the following error:># up2date --register>There was an SSL error: [('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE',>'certificate verify failed')]>>Have you checked the times of the two systems to make sure they are close?>Incorrect time is a common cause of this error.>>>>>----------------​--------------------​--------------------​------------->To unsubscribe, e-mail: users-unsubscribe@cu​rrent.tigris.org>For additional commands, e-mail: users-help at current dot tigris dot org>> >yeah, the server time was off. I just turned on ntpd, but I still get the error.